Pomocy =(
Mam problem gdy uruchamiam komputer wyświetla mi się informacja o tym źe system nie moźe znaleźć ibm00003.exe , I strasznie wolno się ładuje na początku, wydaje mi się źe to przez brak tego pliku. Jak moźna "załatać" tą dziure w systemie bez formatowania dysku ??
Mój log:
Logfile of HijackThis v1.99.1
Scan saved at 14:13:48, on 2005–10–29
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\komputerek\Ustawienia lokalne\Temp\Katalog tymczasowy 1 dla hijackthis[1].zip\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 – HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 – HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 – HKLM\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 – HKLM\..\RunServices: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O4 – HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O15 – Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 – DPF: {AB8638BB–79E8–4E9D–ABF2–8F33054E3941} (Guesser Class) – http://czat.onet.pl/client/kalambury/NetPunGame1.dll
O17 – HKLM\System\CCS\Services\Tcpip\..\{5B70AA0C–E6B8–4B8D–8618–C755BA452B0C}: NameServer = 212.160.162.2,212.160.162.3
O21 – SSODL: ws_32 – {FF23D151–CDB4–4D7B–A9D5–C843A1DA85E4} – ws_32.dll (file missing)
O21 – SSODL: SysTray.Excn2 – {1722ECFF–4356–4f5b–B534–E67294FE75E9} – (no file)
O21 – SSODL: SysTray.Exgl – {636821FC–6F5C–2f1b–B164–E67214F678E2} – C:\WINDOWS\System32\fceqlimh.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 – Service: Panda Firewall Service (PAVFIRES) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 – Service: Panda Function Service (PAVFNSVR) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 – Service: Panda PavProt (PavProt) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 – Service: Panda Process Protection Service (PavPrSrv) – Panda Software – C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Panda anti–virus service (PAVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 – Service: Panda Preventium+ Service (PREVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 – Service: Panda IManager Service (PSIMSVC) – Panda Software Internacional – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 – Service: PC Tools Spyware Doctor (SDhelper) – PC Tools – C:\Program Files\Spyware Doctor\sdhelp.exe
Tak apropo wogóle nie mam zielonego pojęcia jak to otczytać i co pokolei robić... Proszę o wskazówki
Mój log:
Logfile of HijackThis v1.99.1
Scan saved at 14:13:48, on 2005–10–29
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\komputerek\Ustawienia lokalne\Temp\Katalog tymczasowy 1 dla hijackthis[1].zip\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 – HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 – HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 – HKLM\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 – HKLM\..\RunServices: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O4 – HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O15 – Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 – DPF: {AB8638BB–79E8–4E9D–ABF2–8F33054E3941} (Guesser Class) – http://czat.onet.pl/client/kalambury/NetPunGame1.dll
O17 – HKLM\System\CCS\Services\Tcpip\..\{5B70AA0C–E6B8–4B8D–8618–C755BA452B0C}: NameServer = 212.160.162.2,212.160.162.3
O21 – SSODL: ws_32 – {FF23D151–CDB4–4D7B–A9D5–C843A1DA85E4} – ws_32.dll (file missing)
O21 – SSODL: SysTray.Excn2 – {1722ECFF–4356–4f5b–B534–E67294FE75E9} – (no file)
O21 – SSODL: SysTray.Exgl – {636821FC–6F5C–2f1b–B164–E67214F678E2} – C:\WINDOWS\System32\fceqlimh.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 – Service: Panda Firewall Service (PAVFIRES) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 – Service: Panda Function Service (PAVFNSVR) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 – Service: Panda PavProt (PavProt) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 – Service: Panda Process Protection Service (PavPrSrv) – Panda Software – C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Panda anti–virus service (PAVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 – Service: Panda Preventium+ Service (PREVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 – Service: Panda IManager Service (PSIMSVC) – Panda Software Internacional – C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 – Service: PC Tools Spyware Doctor (SDhelper) – PC Tools – C:\Program Files\Spyware Doctor\sdhelp.exe
Tak apropo wogóle nie mam zielonego pojęcia jak to otczytać i co pokolei robić... Proszę o wskazówki
Odpowiedzi: 1
No i dobrze ze nie moze znalezc, poniewaz to nie jest plik potrzebny systemowi. To trojan. W Uruchom wpisz msconfig, zakladka Uruchamianie, wyszukaj pozycje (jesli bedzie) "ibm00003.exe" i odznacz.OoMysiAoO:
Mam problem gdy uruchamiam komputer wyświetla mi się informacja o tym źe system nie moźe znaleźć ibm00003.exe
Po co u Ciebie Panda i AVG ? Jednego antyvira uzywaj.
Z tym co ponizej zrobisz to co opisano tu –> http://forum.centrumxp.pl/viewtopic.php?t=19974
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O21 – SSODL: ws_32 – {FF23D151–CDB4–4D7B–A9D5–C843A1DA85E4} – ws_32.dll (file missing)
O21 – SSODL: SysTray.Excn2 – {1722ECFF–4356–4f5b–B534–E67294FE75E9} – (no file)
O21 – SSODL: SysTray.Exgl – {636821FC–6F5C–2f1b–B164–E67214F678E2} – C:\WINDOWS\System32\fceqlimh.dll
Co to jest "leeman"? Znasz program o podobnej nazwie ? Instalowalas/les ? Jesli tak, pozostaw. Jesli nie, usun.
O4 – HKLM\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKLM\..\RunServices: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
Nastepnym razem sprawdz sobie wlasnorecznie log –> http://forum.centrumxp.pl/viewtopic.php?t=37513
Strona 1 / 1